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.STATUS OF CLAIMS 



Claiins 1-16 are pending, _ ^ 

Claims 1-16 stand rejected under 35 USC §103(a). 



STATUS OF AMENDMENTS 



There are no pending amendments, 



SUMMARY OF CLAIMED SUBJECT MATTER 



FIG. 2 (described on page 6, lines 8-24, of applicant's specification) shows a secure disk 
drive 20 according to an enibodiment of the present invention as comprising a disk 22 for storing 
data, and an input 24 for receiving an encrypted message 26 from a client disk drive, the 
encrypted message 26 comprising ciphertext data and a client drive ID identifying the client disk 
drive. The secure di$k drive 20 comprises a secure drive key 34 and an internal drive ID 38. A 
key generator 30 within the secure disk drive 20 generates a client drive key 32 based on the 
client drive ID and the secure drive key 34, and an internal drive key 36 based on the internal 
drive ID 38 and the secure drive key 34. The secure disk drive 20 further comprises an 
authenticator 56 for verifying the authenticity of the encr>Tpted message 26 and generating an 
enable signal 50, the authenticator 56 is responsive to the encrypted message 26 and the client 
drive key 32. The secure disk drive further comprises a data processor 40 comprising a message 
input 42 for receiving the encrypted message 26 from the client disk drive, and a data output 58 
for outputting the ciphertext data 46 to be written to the disk 22. The data processor 40 fiuther 
comprises an enable input 48 for receiving the enable signal 50 for enabling the data processor 
40, and a key input 51 for receiving the internal drive key 36, the internal drive key 36 for use in 
generating a message authentication code. The data processor 40 outputs reply data 54 
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comprising the-mess'age "authentication code. The secure disk drive 20 outputs a reply 60 to the 
client disk drive, the reply 60 comprising the reply data 54 and the internal drive ID 38. 



Claims 1-16 stand rejected under 35 USC §103(a) as unpatentable over U.S. Patent No. 
6,226,750 to Trieger in view of U.S. Patent No. 6,473,861 to Stokes and m view of U.S. Patent 
No. 5,931,947 to Bums et al. 

The examiner asserts that Trieger discloses a secure disk drive for receiving an encrypted 
message from a client disk drive, the encrypted message comprising ciphertext data and a device 
ID identifying the client disk drive. The examiner further asserts that Trieger discloses a secure 
disk drive that generates a client drive key based on the client drive ID and a secure dnve key 
(state information) for use in authenticating the client drive ID. The applicant respectfully 
disagrees. 



A. The rejection should be reversed because the state information disclosed bv Trieger is not 
a secure drive key 

The examiner asserts that Trieger discloses a secure disk drive that generates a client 
drive key based on the client drive ID and a secure drive key (state information) for use in 
authenticating the client drive ID, However, the state information disclosed by Trieger merely 
refers to information associated with a particular communication session between a client and a 
server. The server saves the state information so that the client does not have to resend the state 
information with each new communication request (see col. 9, lines 20-27). The state 
information cannot be considered a secure drive key because a client dri ve kev is not generated 
based on the state information, with an authenticator responsive to the generated client drive key, 
as recited in the claims. 
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In Trieger, a server imtially authendca^^^^ a client by the client sending authentication 
information, such as a password, to the server (see col. 7, line 65 to col 8, line 12). If the 
authentication information is approved, the server generates a first key that identifies the client 
(device ID), and transmits the key to the client (col 8, lines 12-15). During a subsequent 
communication session, the server authenticates the client by validating the key (device ID) sent 
to the server in a cotnmunication request (see coL 8, lines 63-66). As described at col 9, lines 4- 
9, Trieger teaches to validate the key by "comparing the value of key 92 with key values stored 
in a key storage database at the server 52. . ..[or] the key may be self-validating in that the server 
52 may be able to immediately recognize the key's infonnation or format," Nowhere does 
Trieger (or the other relied upon prior art, alone or in combination) disclose or suggest that, when 
an encrypted message including a client drive ID is received, an authenticator venfies the 
authenticity of the encrypted message responsive to a client drive key generated based on the 
client drive ID and asccure drive key . 

The exaxtiiner also asserts that Bums discloses a reply that may contain an internal drive 
ID so that devices can authenticate each other. This interpretation of Bums is incorrect. Bums 
discloses a secure disk drive for authenticating messages received from a client user or 
subscriber and does not disclose devices authenticating each other . (See Abstract, wherein ''all 
encryption is done by the clients, rather than by the devices,") As discussed by the applicant in 
the specification at page 4, lines 4-6, in Bums, 'the keys used by the clients for encrypting data 
and generating the message authentication codes are generated external to the devices by a 
system administrator which is susceptible to attack." 

In the final office action, the examiner asserts that Bums discloses (col 3, line 65 through 
col. 4, line 7) "the network storage devices can be comprised of existing direct access disk 
devices and files can be copied directly from on storage device to another in a secure manner, the 
networks clients only mvolvement would be to initiate the action/* However, this does not mean 
that the storage devices authenticate one another, it merely means that files can be safely copied 
from one storage device to another because the files have already been encrypted bv the clients . 
In any event, the examiner concedes it is the network cUents that "initiate the action", which 
means the request to transfer files comes from a network cUent and not another storage device. 



^ J^^^^^^ Digital Technologies^ Iiic^ ^ 

^ ^Serial Number: 09/608,103 :r:^-^r^rrr-=r-r- 
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Id Bums, it is the requests generated bv the network, clients that are authenticated by the storage 
device and not requests generated bv other storage devices . 
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"'^ CONCLUSION 



Reversal of the rejections m this appeal is respectfully requested. 

To the extent necessary, a petition for an extension of time under 37 CF.R. L136 is 
hereby made. Please charge any shortage ir\ fees due in connection with the filing of this paper, 
including extension of time fees, to Deposit Account No. 23-1209, and please credit any excess 
fees to such deposit account. 



WESTERN DIGITAL TECHNOLOGIES, INC. 
2051 1 Lake Forest Drive 
Lake Forest, CA 92630 
Tel.: (949)672-9474 
Fax: (949) 672-6604 



Respectfully submitted. 



Date: August 7, 2006 



By: y^-^^"~^r^^' 
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CLAIMS APPENDIX 
A complete listing of the claims on appeal: 



1 L A secure disk drive pomprisingL _ : . . _ - 

2 (a) a disk for storing data; 

3 (b) an input for receiving an encrypted message from a client disk drive, the encrypted 

4 message comprising ciphertext data and a client drive ID identifying the client disk 

5 drive; 

6 (c) a secure drive key; 

? (d) an internal drive ID; 

8 (e) a key generator for generating a client drive key based on the client drive ID and the 

9 secure drive key, and an intemal drive key based on the internal drive ID and the 

10 secure drive key; 

11 (f) an authenticator for verifying the authenticity of the encrj'pted message and 

12 generating an enable signal, the authenticator responsive to the encrypted message 

13 and the client drive key; 

14 (g) a data processor comprising: 

15 a message input for receiving the encrypted message from the client disk drive; 

16 a data output for outputting the cjphertext data to be written to the disk; 

17 an enable input for receiving the enable signal for enabling the data processor; 

18 a key input for receiving the intemal drive key, the intemal drive key for use in 

19 generating a message authentication code; and 

20 a reply output for outputting reply data, the reply data comprising the message 

21 authentication code; and 

22 (h) an output for outputting a reply to the chent disk drive, the reply comprising the reply 

23 data and the internal drive ID. 
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1 4. 
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1 5- 
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1 6. 

2 

1 7. 
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1 8- 
2 

1 9. 

2 

3 

4 

5 

6 

7 



"-The secure disk drive of claim 1 , wherein the seeiire'drive key is immutable. 

—The secure disk drive of claim 1, wherein the secure drive key i.$„mutable. 

The secure disk dnve of claira 1, wherein the authenticator comprises a means for 
verifying the access rights of the client drive ID. 

The secure disk drive of claim 1, wherein the secure drive key comprises tamper resistant 
circuitry. 

The secure disk drive of claim 1, wherein the key generator comprises tamper resistant 
circuitry. 

The secure disk drive as recited in claim 1, wherein the authenticator comprises tamper 
resistant circuitry. 

The secure disk dri ve as recited in claim 1, wherein the data processor further comprises 
cryptographic facihties. 

A secure disk drive compnsmg: 

(a) a disk for storing data; 

(b) an input for receiving aji.n encrypted message from a client disk drive, the encrypted 
message comprising ciphertext data and a client drive ID identifying the client disk 
drive; 

(c) a secure drive key; 

(d) an internal drive ED; 
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8 (e) a key generator "for generating a client drive key based on the client drivelD*^and the 

9 secure drive key, and aji internal drive key based on the internal drive. ID and the 

1 0 secure drive key; * - ' - • " 

1 1 (f) an authenticator for verifying the authenticity of the encrypted message and 

12 generating an enable signal, the authenticator responsive to the encrypted message 

1 3 and the client drive key; 

14 (g) a data processor compri sing: 

15 a message input for receiving the encrypted message from the client secure disk 

16 drive; 

17 a data input for receiving ciphertext data read from the disk; 

1 8 an enable input for receiving the enable signal for enabling the data processor; 

19 a key input for receiving the internal drive key, the internal dnve key for use in 

20 generating a message authentication code, and 

21 a reply output for outputting reply data, the reply data comprising the ciphertext data 

22 read from the disk and the message authentication code; and 

23 (li) an output for outputting a reply to the client disk drive, the reply comprising the reply 

24 data and the internal drive ID. 

1 1 0. The secure disk drive of claim 9, wherem the secure drive key is immutable. 

1 11. The secure disk drive of claim 9, wherein the secure drive key is mutable. 

1 12. The secure disk drive of claim 9, wherein the authenticator comprises a means for 

2 verifying the access rights of the client drive ID. 
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4-^ - 13, The secure disk drive of claim 9, wherein the secure drive key comprises tamper resistant 

2 circuitry. 

1 14. The secure disk drive of claim 9, wherein the key generator comprises tamper rcsisUnt 

2 circuitry. 

1 15. The secure disk drive as recited in claim 9, wherein the authenticator comprises tamper 

2 resistant circuitry'. 

1 16. The secure disk drive as recited in claim 9, wherein the data processor further comprises 

2 cryptographic facilities. 
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